const jwt = require('jsonwebtoken');

// JWT密钥
const JWT_SECRET = 'abc^^123';

// JWT验证中间件
const verifyToken = (req, res, next) => {
    const token = req.headers.authorization;
    if (!token) {
        return res.status(401).send({code:401,msg:'未提供token',data:null});
    }

    try {
        const decoded = jwt.verify(token, JWT_SECRET);
        req.user = decoded;
        next();
    } catch (err) {
        return res.status(401).send({code:401,msg:'token无效或已过期',data:null});
    }
};

module.exports = {
    verifyToken,
    JWT_SECRET
};